A security research firm has found that Epic Games’s Fortnite is being used as a mode to enable the transaction of stolen or ‘dirty’ money. Security company Sixgill has found in its investigations that criminals have been using stolen credit cards to buy V-bucks, Fortnite‘s in-game currency, and selling those off at a discounted rate on the Dark Web, turning the money ‘clean’ in the process, The Independent reports.
While most of these transactions take place on the dark web, there is evidence that these are being sold on the open web as well. According to the agency these operations are being run in various languages including English, Chinese, Russian, Spanish, Arabic. The persons involved use cryptocurrency to obscure their origins. Though there is no tab on how much money was involved in all these transactions, they are said to be substantial enough to increase the popularity of the game. According to the report, Fortnite items being sold on eBay grossed almost $250,000 over a 60 day period last year.
“Epic Games doesn’t seem to clamp down in any serious way on criminal activity surrounding Fortnite, money laundering or otherwise,” said Benjamin Preminger, Sixgill senior intel analyst . “While completely stopping such criminal activity is extremely difficult, several steps could be taken to mitigate the phenomenon, including monitoring the transfer of high-value goods in the game, identifying players with large stockpiles of V-Bucks, and sharing data with relevant law enforcement agencies.”
These have raised serious concerns about the oversight of security by Epic Games. These have compounded because previously Epic Games worked around Google Play Store to launch Fortnite on Android which apparently increased security risks. Fortnite gave the following statement about the present situation to GameSpot.
WATCH: Forza Horizon 4 Gameplay
“Epic Games takes these issues seriously, as chargebacks and fraud put our players and our business at risk. As always, we encourage players to protect their accounts by turning on two-factor authentication, not re-using passwords and using strong passwords, and not sharing account information with others.”